package com.example.apiproject.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration
public class CorsConfig {

//    @Bean
//    public CorsFilter corsFilter() {
//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
//        CorsConfiguration config = new CorsConfiguration();
//        config.addAllowedOrigin("*"); // 允许所有来源
//        config.addAllowedMethod("*"); // 允许所有HTTP方法
//        config.addAllowedHeader("*"); // 允许所有请求头
//        source.registerCorsConfiguration("/**", config); // 对所有路径生效
//        return new CorsFilter(source);
//    }
@Bean
public CorsFilter corsFilter() {
    //1.添加CORS配置信息
    CorsConfiguration config = new CorsConfiguration();
    //1) 允许的域,不要写*，否则cookie就无法使用了
    config.addAllowedOrigin("http://localhost:8081");
    /*   config.addAllowedOrigin("http://api.xxx.com");*/
    config.addAllowedOrigin("*");
    //2) 是否发送Cookie信息
    config.setAllowCredentials(true);
    //3) 允许的请求方式
    config.addAllowedMethod("OPTIONS");
    config.addAllowedMethod("HEAD");
    config.addAllowedMethod("GET");
    config.addAllowedMethod("PUT");
    config.addAllowedMethod("POST");
    config.addAllowedMethod("DELETE");
    config.addAllowedMethod("PATCH");
    // 4）允许的头信息
    config.addAllowedHeader("*");
    // 4）有效时间
    config.setMaxAge(3600L);

    //2.添加映射路径，我们拦截一切请求
    UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
    configSource.registerCorsConfiguration("/**", config);

    //3.返回新的CorsFilter.
    return new CorsFilter(configSource);
}

}
